Software agents are known in the art. Software agents are independent, executable, software generally designed for a single function. An agent community is a collection of agents for performing a single task or multiple tasks. The agent community may be resident and executing on a single computer or the agent community may be distributed and executing on a network of multiple computers.
Agents are software entities displaying the traits of cooperation, learning and autonomy to various degrees. Agents use standard languages and protocols to reach common goals through collaborative cooperation, learn from experience and observation, adapt to their environment, and act on their own to pursue their own agendas. Some typical attributes of agents include adaptability, ability to communicate knowledge, persistence, inferential capability, personality (predictable behavior characteristics), and mobility. Some agents are able to travel from system to system to complete a specified task. Mobile agents are able to carry their data and execution context along with them as they travel between communities. Agents may display some or all of these attributes, as well as other possible attributes not included in this list.
When an agent community is built using known software tools, there is a possibility of invasion or inclusion of “rogue agents” or “mole agents.” Rogue agents are agents whose purpose is to spy on or disrupt the agent community. Mole agents are agents whose purpose is to spy on the agent community and collect and provide information from within the community to a person, agent, or organization outside the agent community.
During the community building process, an infiltration, either physical or electronic, may be used by unscrupulous individuals to insert or add rogue or mole agents to a community. These agents may then disrupt the operation of the community or they may simply spy on and report information about the community to outside the community.
After the community is built, the possibility of outside infiltration of rogue agents remains. If there are no security controls or agents in place, a rogue agent may be added to the community from outside the community once the community is built and executed. Because of agent mobility or the ability to migrate between communities, it is possible for a rogue agent to migrate from one agent community to another agent community by posing as an authorized agent in the community.
Communities are typically “trusting” software, assuming that new agents connecting or migrating are trustworthy by knowing the protocol. The intent is to make expansion of the communities easy by making it easy to add or replace agents.
Previous approaches have included active human monitoring and intervention in the execution of the agent community. A human operator would be required to monitor the agent community and detect abnormal operations being performed by agents in the community. Additionally, the human operator must monitor agent migrations between communities. Upon detection of a rogue or mole agent, the human operator would then actively initiate security measures, such as isolation, continued monitoring, misdirection, and unauthorized agent termination. By requiring a human presence to perform security functions, the agent community efficiency and speed is decreased and expense is increased. Therefore, there is a need in the art to perform security-related functions in an agent community using security agents without requiring human intervention. More specifically, there is a need in the art for a special set of agents to monitor and police an agent community for abnormal actions or unauthorized agents within the community.